We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
Podcast - Regulating AI in Healthcare: The Road Ahead
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Everything Compliance: Episode 156, To Document or Not Edition
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
Deepfakes (also known as digital replicas) are created when sophisticated AI technology generates or alters audio-visual content to misrepresent someone or something. Often a person's voice or appearance is digitally...more
The Data (Use and Access) Act 2025 (Commencement No. 1) Regulations 2025 (SI 2025/904) have been made and published. The Regulations bring certain key provisions of the Data (Use and Access) Act 2025 (DUAA) into force from 20...more
As we pass the mid-point of 2025, it’s a good time to review the important developments we have seen in the first 6 months of this year, particularly reforms to the UK’s data protection laws, the EU’s pathway to...more
To help organizations stay on top of the main developments in European digital compliance, Morrison Foerster’s European Digital Regulatory Compliance team reports on some of the main topical digital regulatory and compliance...more
EU Launches UK Adequacy Decision Renewal Process - On 22 July 2025, the European Commission announced that it had launched the process to renew the adequacy decision for the United Kingdom (UK) and confirmed that the UK’s...more
Saudi Arabia has taken a bold and strategic step forward with the introduction of the draft Global AI Hub Law, designed by the Communication, Space & Technology Commission (CST). This pioneering legal framework is part of the...more
The DUAA introduces several reforms to UK data protection law, but their implications are relatively limited in practice. The Data (Use and Access) Act 2025 (the DUAA) was enacted on 19 June 2025 and amends rather than...more
Over the last few months, organisations have accelerated efforts to engage with the requirements of the EU AI Act as we fast approach the date for when rules relating to general purpose AI models (“GPAI models”) come into...more
The EU introduces the pioneering EU AI Act, aiming to become a global hub for human-centric, trustworthy AI....more
Christian Schröder, leader of Orrick’s European Cyber, Privacy & Data Innovation practice, joins RegFi co-hosts Jerry Buckley and Caroline Stapleton to break down the EU Artificial Intelligence Act. The conversation explores...more
The Data (Use and Access) Bill passed both Houses of UK Parliament and received Royal Assent on 19 June 2025, now becoming the Data (Use and Access) Act 2025 (“DUA Act”). This is the final iteration of the Data Protection and...more
In recent weeks, the EU and UK have both introduced changes to their respective versions of Europe’s landmark privacy legislation, the General Data Protection Regulation (GDPR). These reforms mark the first substantial...more
The UK’s Data (Use and Access ) Act 2025 (“DUA Act”), which received royal assent on 19 June 2025, represents a significant reform to UK data law and reflects Britain’s ambition to spur tech innovation by freeing up the flow...more
Until this date, five different class actions regimes applied to consumer protection, antitrust, public health, discrimination, data protection, and environmental law. Each of these regimes had its own specificities...more
The UK’s Data (Use and Access) Act received Royal Assent last Thursday, June 19th, bringing into law some significant changes to the country’s post Brexit data protection framework, among an array of other, related rules (on...more
Executive Summary - The EU Data Act, whose requirements apply from 12 September 2025, establishes new rights for businesses and consumers to access data they generated using “connected devices,” limiting the exclusive...more
On June 16, 2025, the Council of the EU (Council) and the European Parliament (EP) reached an agreement on a new regulation (the Draft Regulation) to enhance enforcement of the General Data Protection Regulation (GDPR). The...more
On 4 June, the Council of the European Union (Council) adopted its negotiation position on the proposals for a new regulation and directive that make up the so-called ‘pharma package’. The pharma package now moves to the next...more
On 4 June 2025, the Council of the EU adopted its position on the EU Pharma Law Package legislative proposal to revise the EU’s general pharmaceutical legislation. The Council, consisting of all the 27 EU Member States and...more
The EU regulation designed to facilitate secondary use of clinical data for research brings benefits for health research, but also poses challenges for companies....more
On April 9, 2025, the coalition agreement of the future German Federal Government, consisting of the three German parties CDU, CSU and SPD, was published. The document entitled “Responsibility for Germany” contains several...more
The EU Pay Transparency Directive (’PTD’) introduces extensive disclosure obligations regarding salary information. At the same time, employers must ensure compliance with the applicable data protection regulations and...more
On March 5, 2025, Regulation (EU) 2025/327 of the European Parliament and of the Council of February 11, 2025 on the European Health Data Space and amending Directive 2011/24/EU and Regulation (EU) 2024/2847 (the Regulation)...more
On March 7 2025, the European Parliamentary Research Service (EPRS) published a paper outlining the challenges to UK data adequacy and ongoing national legislative reforms that could affect the renewal of the two existing...more
Our clients are at the forefront of many of the developments covered by the report. That said, I couldn’t help thinking that the report overlooked a law that takes effect in less than six months’ time and which will have...more